I've set up a Linux NFS server with 2 network cards on 2 different
networks.

Network A) eth0 has IP 151.89.63.10 on the net
151.89.63.0/255.255.255.0
Network B) eth1 has IP 172.31.1.16 on the net 172.31.1.0/255.255.255.0

NFS works fine on workstation on network A, doesn't work on network B.
Networks are identical and NFS clients (workstations Linux) are, too.
Everything is open, I can ping, telnet... almost everything.

This is the error on the workstation on network B when trying to
mount:
# mount gess10:/nas3 /CS1
mount: RPC: Port mapper failure - RPC: Unable to receive

This is the "/etc/exports" file:
/nas1 151.89.0.0/255.255.0.0(rw,insecure)
/nas3 172.31.1.0/255.255.255.0(rw,insecure)

(I tried also with 172.31.0.0/255.255.0.0).

NFS Server is Red Hat 9.0
NFS Clients are Red Hat 7.3 (but on A network it works also on Digital
UNIX)

My questions could be: does NFS answer on the A card only? Should I
configure nfs/rpc to manage double network?

It should by default answer on both. It looks like portmap on the server
won't talk to client on network B. A portscan of server from client on
network B will tell you if portmap is running, it'll be on port 111. If
it isn't visible make sure your not firewalling it with an iptables rule
on the server, or even possibly the client. Then try restarting portmap
and nfs services on the server if it still isn't visible, making sure
eth1 is up at the time of the restart. If it is visible from network B,
I would check /etc/hosts.allow and /etc/hosts.deny to make sure a
wrapper isn't blocking access. Of course its never a bad idea to check
your syslog to see if the server is giving you any information, which it
should if its denying access for some reason.

-Don

09-29-2007, 07:27 PM

unix

Re: NFS server/client - RPC error

Donald,

first of all thank you for your reply.
Your advice of checking portmap gave me the possibility of finding
something strange: I tried to launch

# nmap gess10

from my client (gess10 is my server) and I have not any answer (it
writes "Starting nmap V. 2.45BETA31 etc." and it freezes).

Maybe I've got a problem with my firewall, but I assumed that being on
the same LAN it wouldn't have involved...

Thank you,
Massimo

Donald Thompson <dlt_SPAMCATCH@lunanet.biz> wrote in message news:<nvpg61-nco.ln1@someplace.com>...[color=blue]
> Bracchetto wrote:
>[color=green]
> > I've set up a Linux NFS server with 2 network cards on 2 different
> > networks.
> >
> > Network A) eth0 has IP 151.89.63.10 on the net
> > 151.89.63.0/255.255.255.0
> > Network B) eth1 has IP 172.31.1.16 on the net 172.31.1.0/255.255.255.0
> >
> > NFS works fine on workstation on network A, doesn't work on network B.
> > Networks are identical and NFS clients (workstations Linux) are, too.
> > Everything is open, I can ping, telnet... almost everything.
> >
> > This is the error on the workstation on network B when trying to
> > mount:
> > # mount gess10:/nas3 /CS1
> > mount: RPC: Port mapper failure - RPC: Unable to receive
> >
> > This is the "/etc/exports" file:
> > /nas1 151.89.0.0/255.255.0.0(rw,insecure)
> > /nas3 172.31.1.0/255.255.255.0(rw,insecure)
> >
> > (I tried also with 172.31.0.0/255.255.0.0).
> >
> > NFS Server is Red Hat 9.0
> > NFS Clients are Red Hat 7.3 (but on A network it works also on Digital
> > UNIX)
> >
> > My questions could be: does NFS answer on the A card only? Should I
> > configure nfs/rpc to manage double network?[/color]
>
> It should by default answer on both. It looks like portmap on the server
> won't talk to client on network B. A portscan of server from client on
> network B will tell you if portmap is running, it'll be on port 111. If
> it isn't visible make sure your not firewalling it with an iptables rule
> on the server, or even possibly the client. Then try restarting portmap
> and nfs services on the server if it still isn't visible, making sure
> eth1 is up at the time of the restart. If it is visible from network B,
> I would check /etc/hosts.allow and /etc/hosts.deny to make sure a
> wrapper isn't blocking access. Of course its never a bad idea to check
> your syslog to see if the server is giving you any information, which it
> should if its denying access for some reason.
>
> -Don[/color]